--- strongswan-5.9.5-orig/src/libstrongswan/plugins/openssl/openssl_plugin.c 2022-01-08 12:54:02.000000000 +0100 +++ strongswan-5.9.5/src/libstrongswan/plugins/openssl/openssl_plugin.c 2022-02-23 23:12:03.685111475 +0100 @@ -16,7 +16,6 @@ #include #include -#include #include #include #include @@ -74,13 +73,6 @@ * public functions */ openssl_plugin_t public; - -#if OPENSSL_VERSION_NUMBER >= 0x30000000L - /** - * Loaded providers - */ - array_t *providers; -#endif }; /** @@ -881,21 +873,12 @@ #endif } *features = f; - return countof(f); + return count; } METHOD(plugin_t, destroy, void, private_openssl_plugin_t *this) { -#if OPENSSL_VERSION_NUMBER >= 0x30000000L - OSSL_PROVIDER *provider; - while (array_remove(this->providers, ARRAY_TAIL, &provider)) - { - OSSL_PROVIDER_unload(provider); - } - array_destroy(this->providers); -#endif /* OPENSSL_VERSION_NUMBER */ - /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we * can't call it as we couldn't re-initialize the library (as required by the * unit tests and the Android app) */ @@ -1009,20 +992,16 @@ DBG1(DBG_LIB, "unable to load OpenSSL FIPS provider"); return NULL; } - array_insert_create(&this->providers, ARRAY_TAIL, fips); /* explicitly load the base provider containing encoding functions */ - array_insert_create(&this->providers, ARRAY_TAIL, - OSSL_PROVIDER_load(NULL, "base")); + OSSL_PROVIDER_load(NULL, "base"); } else if (lib->settings->get_bool(lib->settings, "%s.plugins.openssl.load_legacy", TRUE, lib->ns)) { /* load the legacy provider for algorithms like MD4, DES, BF etc. */ - array_insert_create(&this->providers, ARRAY_TAIL, - OSSL_PROVIDER_load(NULL, "legacy")); + OSSL_PROVIDER_load(NULL, "legacy"); /* explicitly load the default provider, as mentioned by crypto(7) */ - array_insert_create(&this->providers, ARRAY_TAIL, - OSSL_PROVIDER_load(NULL, "default")); + OSSL_PROVIDER_load(NULL, "default"); } ossl_provider_names_t data = {}; OSSL_PROVIDER_do_all(NULL, concat_ossl_providers, &data);